If you have been using or managing SharePoint then you would know how quickly content, customisations and their growth, if not properly governed, can get out of control. Today most organisations deploying SharePoint have realised this and have SharePoint Governance Plans or Policies defined for their deployments. A Governance Plan can just be a brief document focusing on what users can and cannot do or it may be a detailed framework governing every part of SharePoint from custom development to usage and maintenance.
However, a large number of organisations are still struggling with effective governance despite of having a well-defined plan. Often an organisations’ focus is on defining a detailed and comprehensive governance plan that overlooks the process of actually implementing the plan – it is assumed that it is now up to IT support to ensure the processes and policies defined in the plan are enforced and implemented. Although a good number of them would take a step further and create a SharePoint Governance Group, however often the group itself struggles to enforce the standards and policies, specially in the area of day to day operations.
So let’s first take a look at the key implementation challenges and then what can be done to address them.
A. The implementation deserves respect, treat it just like another project!
One of the reasons why the implementation doesn’t get due attention is the absence of some tangible outcomes. Implementing a plan and associated policies is not like delivering a system. Furthermore it is not that straightforward to measure the outcomes and see the associated benefits immediately. As a result, interest in rolling out the governance plan wanes soon after its creation and governance documents are filed and forgotten somewhere on the same SharePoint site that is supposed to be being governed!
B. Yes, it does require (a little bit) of effort and resources!
Another challenge is the availability and allocation of the people and time required to enforce the plan with consistency. This is further complicated when we recall the fundamental principle behind existence of SharePoint: user empowerment. This can give rise to uncontrolled SharePoint growth where the balance of end-user power and IT control is not right for the environment. In other words SharePoint governance is lot different and demanding than managing, say your Active Directory. This makes it difficult for IT to enforce the policies without hindering user productivity (and annoying them).
C. If they don’t know it then they won’t do it!
Finally, enforcing governance does not merely require flicking some switches. The first step in implementing any set of governance policies is communicating them to users and support staff. Users and staff often do not have the time and interest to read lengthy governance documents so you can’t just send them the documents and expect them to be consumed, understood and followed! Being humans (and as SharePoint users) they do not like tightly controlled environments either and need to be convinced that the controls you are putting place will eventually work for them. An unhappy and ill-informed user may, instead, negatively see the governance policies as a roadblock towards being productive.
The secret behind a successful governance plan implementation
Well, there is no secret here really. In summary, it requires the IT management taking the implementation seriously (just like any other project) and seeing the benefits; doing effective user training and communication; and investing in automation to assist the IT teams in enforcing the governance policies.
User Communication and Training
We know very well that no one loves to read lengthy documents. Furthermore, reading text is one thing and actually understanding the content’s meaning is another. So post-creation the next challenge is to communicate the plan to users (end user and support staff) while ensuring it is not too difficult for them for them to understand and remember all the key points.
One technique that can help here is creating summarised posters or cheat-sheets for specific group of users such as SharePoint site members, owners and administrators. You can combine the information with any visualisation techniques that you feel may be effective, like charts, tables and even comics. See a couple of examples below.
It is also quite helpful (I would rather say necessary) to integrate the governance plan ‘knowhow’ into HR and IT processes like employees’ induction, role change and termination procedures. This will ensure things happen when they are required to.
The next big thing is … Automation
To help with enforcing governance policies without creating a lot of overhead for IT support and end-users, you can also get assistance from some SharePoint governance tools. There are quite a few third party tools available for this purpose. These tools can provide:
- finer control in managing the SharePoint environment;
- powerful growth forecasting and management;
- comprehensive and centralized security control and permission monitoring;
- provisioning workflows;
- critical alerts and notifications etc.
We can divide the tools into two categories – strategic and tactical. The basis of this subdivision is the product feature set, associated costs and resources required to implement them.
Tactical tools are low cost options that enable the support teams to analyse and understand their SharePoint implementation and assess its health with reference to the governance plan and policies.
A windows application that can run standalone or be installed on the server. SPDocKit:
- generates detailed farm documentation on the target SharePoint environment
- compares SharePoint farm configuration against best practices
- can take snapshot of the environment and allows the support to compare with other SharePoint farms or the same farm but a different point in time
This is a quite handy tool that enables you to check if your SharePoint sites are having some kind of mushroom growth or flourishing like a beautiful well-maintained garden. It reverse engineers your site structure and let you visualise it in tree structure form. The tool can generates its output in multiple formats and you can then use Excel, a browser or Visual Studio to render the site structure. Regular generation and analysis of site structure diagrams can be added to IT support processes for detecting any major violations of site-structure related governance policies.
The following screenshot shows a real world example , a complex site tree containing 600+ sites .
Metalogix offers a suite of tools for migrating and managing SharePoint content and that includes ControlPoint. ControlPoint is a well-refined product with an extensive set of features. It includes all the key components such as provisioning workflows, content growth monitoring, user action reporting and site stats; governance policy and permission management etc.
A solid product for SharePoint content migration and automating governance workflows. It can be seen as a strategic investment i.e. having AvePoint as the provider of some key SharePoint add-ons. They offer a range of SharePoint products, both for SharePoint Online and on-premises. However the governance module mainly focuses on SharePoint sites and site objects provisioning and deletion workflows. You will need to buy additional modules for end-to-end monitoring and reporting purposes.
An easy to use product offering both content migration and governance tools in one product. It allows SharePoint admins to manage security settings, monitor environment growth, get rid of unused and obsolete content, ensuring that SharePoint meets the organisational standards. However, if you do not have SharePoint content migration needs then you cannot buy the governance module as a standalone product.
This is a low cost cloud based Office 365 governance tool (they do not have a version for SharePoint on-premise). They also have another product SharePoint Documentation Kit (described in the ‘Tactical Tools’ section previously) that can help with reporting and site structure analysis. With this governance kit administrators can setup and configure SharePoint Online rules. The rules then can be applied to a specific site, list or library. It can generate detailed reports.
I conclude here by emphasizing that first and foremost the implementation of a SharePoint governance plan should be taken and treated like a project. This approach ensures that the SharePoint governance policies do not just stay within the boundaries of a document but they do come out into action and reward everyone. Finally a picture is worth a thousand words, the following diagram concludes this article.
This article was originally published on my own blog at The SharePoint Governance Puzzle